1. Field of the Invention
The invention relates to cryptography, particularly a cryptographic technique that not only provides fast and extremely secure encryption and decryption but also assures integrity of a ciphertext message. Advantageously, this technique is particularly, though not exclusively, suited for use in real-time encryption and decryption of files, such as, but not limited to, those stored in a repository, e.g., a disk drive or other storage medium in a personal computer or server, or communicated through an insecure network. This technique can also be used to efficiently and rapidly generate a message authentication code (MAC).
2. Description of the Prior Art
Over the centuries, for as long as information has been communicated between two individuals, the information has been susceptible to third-party interception, eavesdropping, compromise and/or corruption. Clearly, the problem of securely protecting information from such acts has existed for quite a long time.
Traditionally, this problem has been handled through the development, over the years, of increasingly sophisticated cryptographic techniques. One class of these techniques involves the use of key based ciphers. In particular, through a key based cipher, sequences of intelligible data, i.e., plaintext, that collectively form a message are each mathematically transformed, through an enciphering algorithm, into seemingly unintelligible data, i.e., so-called ciphertext. Not only must the transformation be completely reversible, i.e., two way in the sense that the ciphertext must be invertable back to its corresponding original plaintext but also on a 1:1 basis, i.e., each element of plaintext can only be transformed into one and only one element of ciphertext. In addition, a particular cipher that generated any given ciphertext must be sufficiently secure from cryptanalysis. To provide a requisite level of security, a unique key is selected which defines only one unique corresponding cipher, i.e., precluding, to the extent possible, a situation where multiple differing keys each yields reversible transformations between the same plaintext-ciphertext correspondence. The strength of any cryptographic technique and hence the degree of protection it affords from third-party intrusion is directly proportional to the time required, by a third-party, to perform cryptanalysis, e.g., with a key based cipher to successfully convert the ciphertext into its corresponding plaintext without prior knowledge of the key. While no encryption technique is completely impervious from cryptanalysis, an immense number of calculations and an extremely long time interval required therefor--given the computing technology then available--required to break a cipher without prior knowledge of its key effectively renders many techniques, for all practical intents and purposes, sufficiently secure to warrant their widespread adoption and use. In that regard, as recently as a few years ago, if a cipher was of such complexity that it required on the order of man-years or more to break, in view of the state of the processing technology then available to do so, the underlying cryptographic technique was viewed by many as rendering a sufficient decree of security to warrant its use.
However, computing technology continues to rapidly evolve. Processors, once unheard of just a few years ago in terms of their high levels of sophistication and speed, are becoming commercially available at ever decreasing prices. Consequently, processing systems, such as personal computers and workstations, that were previously viewed as not possessing sufficient processing power to break many so-called "secure" cryptographic ciphers are now, given their current power and sophistication, providing third parties with the necessary capability to effectively break those same ciphers. What may have taken years of continual computing a decade ago can now be accomplished in a very small fraction of that time. Hence, as technology evolves, the art of cryptography advances in lockstep in a continual effort to develop increasingly sophisticated cryptographic techniques that withstand correspondingly intensifying cryptanalysis.
Over the past few years, the Internet community has experienced explosive and exponential growth--growth that, by many accounts, will only continue increasing. Given the vast and increasing magnitude of this community, both in terms of the number of individual users and web sites and sharply reduced costs associated with electronically communicating information, such as e-mail messages and electronic files, over the Internet between one user and another as well as between any individual client computer and a web server, electronic communication, rather than more traditional postal mail, is rapidly becoming a medium of choice for communicating information, whether it be, e.g., an e-mail message or a program update file. In that regard, the cost of sending an electronic file between computers located on opposite sides of the Earth is a very small fraction of the cost associated with storing that file on a diskette (or other media) and transporting that media between these locations even through the least expensive class of postal mail service. However, the Internet, being a publicly accessible network, is not secure and, in fact, has been and increasingly continues to be a target of a wide variety of attacks from various individuals and organizations intent on eavesdropping, intercepting and/or otherwise compromising or even corrupting message traffic flowing on the Internet or illicitly penetrating sites connected to the Internet. This security threat, in view of the increasing reliance placed on use of the Internet as a preferred medium of communication, exacerbates the efforts in the art, otherwise fostered by primarily continuing advances in computing power, to develop increasingly strong cryptographic techniques that provide enhanced levels of security to electronic communication.
However, encryption, by itself, provides no guarantee that a enciphered message can not be or has not been compromised during transmission or storage by a third party. Encryption does not assure integrity. An encrypted message could be intercepted and changed, even though it may be, in any instance, practically impossible, to cryptanalyze. In that regard, the third party could intercept, or otherwise improperly access, a ciphertext message, then substitute a predefined illicit ciphertext block(s) which that party, or someone else acting in concert with that party, has specifically devised for a corresponding block(s) in the message; and thereafter, transmit that resulting message with the substituted ciphertext block(s) onward to a destination--all without the knowledge of the eventual recipient of the message and to the eventual detriment of the original message sender and/or its recipient. For example, if the message involved a financial transaction between a purchaser and a seller, the substituted block could be an enciphered account number of the third party rather than that of the intended seller; hence, with an eventual effect of possibly illicitly diverting money originally destined to the seller to the third party instead. For a variety of reasons, messages carried over the Internet are vulnerable in this regard.
Detecting altered communication is not confined to Internet messages. With the burgeoning use of stand-alone personal computers, very often, an individual or business will store confidential or other information within the computer, such as on a hard-disk therein, with a desire to safeguard that information from illicit access and alteration by third-parties. Password controlled access--which is commonly used to restrict access to a given computer and/or a specific file stored thereon--provides a certain, but rather rudimentary, form of file protection. Often users are cavalier about their passwords, either in terms of safeguarding their password from others or simply picking passwords that others can easily discern; thereby creating a security risk. Once password protection is circumvented--by whatever means are used, a third party can access a stored file and then change it, with the owner of the file then being completely oblivious to any such change.
Therefore, a need exists in the art for a cryptographic technique that not only provides an extremely high level of security against cryptanalysis, particularly given the sophistication and power of current and future processing technology, but also is capable of detecting a change made to a ciphertext message. Such a technique would find wide application, including, but not limited to use, in, e.g., secure file storage or safeguarding messages transmitted over an insecure network.